Risk management seminar Part 4 Classification of risk Risk can be classified into several distinct classes. The most important include the following: 1.Pure and speculative risk 2.Diversifiable and nondiversifiable risk 3.Enterprise risk 4.Systemic risk 4 November 2024 Definition of risk and its types Types of IT risks 2.Electronic threats - aiming to compromise the business information - e.g.: a hacker could get access to your website, your IT system could become infected by a computer virus, you could fall victim to a fraudulent email or website. These are commonly of a criminal nature. 3.Technical failures - such as software bugs, a computer crash or the complete failure of a computer component. A technical failure can be catastrophic if you cannot retrieve data on a failed hard drive and no backup copy is available. 4.Infrastructure failures - such as the loss of your internet connection can interrupt your business - e.g.: you could miss an important purchase order. 5.Human error - is a major threat - e.g.: someone might accidentally delete important data, or fail to follow security procedures properly 4 November 2024 Definition of risk and its types 4. Cybersecurity and identity theft •Cybersecurity and identity theft by thieves breaking into firms’ computer system and database are major problems for many firms. •Computer hackers have been able to steal hundreds of thousands of consumer credit records, which have exposed individuals to identity theft and violation of privacy. As a result, commercial banks, financial institutions, and other business are exposed to enormous legal liabilities. •Other crime exposures include robbery and burglary; shoplifting; employee theft and dishonesty; fraud and embezzlement; piracy and theft of intellectual property, and computer crimes. 4 November 2024 Definition of risk and its types Risk management models applied in practice Algorithm of possible risk management SBU definition with using 7S Methods SBU - Euromedica s.r.o. Strategy : corporate strategy for 2020 – 2023, integrated with financial strategy and HR strategy. Structure : Managing board, Supervisory board. Direktor. IT Servises. Sales Department. Ekonomics Department. Logistik manager. Systems : IT Systems – MS Office, MS SQL Server Account system Money S7 Small company managed by direcktor and head off the departments. Marketing system integrated in Money S7. Logistik system integrated in Money S7. Style: process oriented organization, with process maps and managed dokumentation. Staff: Managing board 3 persons. Supervisory board 3 persons. Direktor 1 person. IT department 3 persons. Logistik manager 1 person. Sales department : 12 persons. Economy department : 2 persons. Skills: Categorizing date. Audit skills. Process modeling. Process analyzing. Project management. Lead auditor for ISO 9001, 14001, 18001, 20001, 27001. Coordinating. Risk management. Shared values: Strategic thinking. Interviewing. Diplomacy. Advising. Types of risks Human factor : Substance abuse Stres sitaution Certifikation Information and technology risks: Integrity of application systems Incorrectly specified requirements for HW and SW and their evaluation Unauthorized use of information, destruction, damage and its modification Intentional interference with SW or HW Operation risks: Defective feedback system Complexity of processes, operations Organizational risk: Ineffective methodological, control activities and supervision Non-optimized circulation of documents, records, shredding of documents Financial risk: Manipulation of income and expenses State guarantees, financial assistance Thank you for your attention! Definition of risk and its types